Browse Source

Document that passphrase is used for Borg keyfile encryption, not just repokey encryption (#373).

master
Dan Helfman 1 month ago
parent
commit
41bf520585
3 changed files with 11 additions and 10 deletions
  1. +1
    -0
      NEWS
  2. +8
    -8
      borgmatic/config/schema.yaml
  3. +2
    -2
      docs/how-to/set-up-backups.md

+ 1
- 0
NEWS View File

@ -1,4 +1,5 @@
1.5.13.dev0
* #373: Document that passphrase is used for Borg keyfile encryption, not just repokey encryption.
* Drop support for Python 3.5, which has been end-of-lifed.
* Update versions of test dependencies (test_requirements.txt and test containers).
* Only support black code formatter on Python 3.8+. New black dependencies make installation


+ 8
- 8
borgmatic/config/schema.yaml View File

@ -185,19 +185,19 @@ map:
desc: |
The standard output of this command is used to unlock the
encryption key. Only use on repositories that were
initialized with passcommand/repokey encryption. Note that
if both encryption_passcommand and encryption_passphrase are
set, then encryption_passphrase takes precedence. Defaults
to not set.
initialized with passcommand/repokey/keyfile encryption. Note
that if both encryption_passcommand and encryption_passphrase
are set, then encryption_passphrase takes precedence.
Defaults to not set.
example: "secret-tool lookup borg-repository repo-name"
encryption_passphrase:
type: str
desc: |
Passphrase to unlock the encryption key with. Only use on
repositories that were initialized with passphrase/repokey
encryption. Quote the value if it contains punctuation, so
it parses correctly. And backslash any quote or backslash
literals as well. Defaults to not set.
repositories that were initialized with
passphrase/repokey/keyfile encryption. Quote the value if it
contains punctuation, so it parses correctly. And backslash
any quote or backslash literals as well. Defaults to not set.
example: "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~"
checkpoint_interval:
type: int


+ 2
- 2
docs/how-to/set-up-backups.md View File

@ -139,8 +139,8 @@ configuration](https://torsion.org/borgmatic/docs/how-to/upgrade/#upgrading-your
### Encryption
If you encrypt your Borg repository with a passphrase instead of a key file,
you'll either need to set the borgmatic `encryption_passphrase` configuration
If you encrypt your Borg repository with a passphrase or a key file, you'll
either need to set the borgmatic `encryption_passphrase` configuration
variable or set the `BORG_PASSPHRASE` environment variable. See the
[repository encryption
section](https://borgbackup.readthedocs.io/en/stable/quickstart.html#repository-encryption)


Loading…
Cancel
Save